Are Missouri Schools Safe from Cyber Attacks?

Five Missouri schools across the state are being audited to make sure they are keeping private information safe. The initiative will focus on identifying practices that improve the security of information that schools have on students and families.

School districts involved in the audits are The Boonville, Cape Girardeau, Orchard Farm, Park Hill and Waynesville. The audits focus on the effectiveness of existing cybersecurity safeguards, and they will review the school district’s ability to detect a cybersecurity breach, the planned response for a breach, student personal information accessibility and protection, technology use policies, and student and staff privacy and security awareness training.

Why Audit?

Without auditing, students are at risk of having their private information stolen or their school day disrupted. These attacks on schools can go two ways – it’s either an attack targeting the theft of information, or an attack designed to consume the school’s available internet bandwidth. Information attacks target the theft of families’ social security numbers and banking information. These attacks could happen if a staff worker opens an email and unknowingly clicks on a malicious link that installs malware onto the school’s computer system. Even the savviest employee can be fooled by malware emails, as cyber attackers have worked hard to mimic the design and domains of legitimate companies.

An attack that disrupts the school day is most commonly called a Distributed Denial of Services (DDoS) attack. This attack involves multiple computers and internet connections to flood the targeted resource, thus shutting down the entire system. In Texas, a student paid to have a DDoS attack hit the school’s internet on the day students were scheduled to take online assessments. Other school districts may be the target of disgruntled students or hacker groups looking to make a statement.

Types of DDoS Attacks

DDoS attacks are not limited, however, to school districts. These internet-consuming attacks are painful to remediate and costly to any school or business that relies on internet for day-to-day functions.

Common attacks include the following:

Traffic attacks: Traffic flooding attacks send a huge volume of TCP, UDP and ICPM packets to the target. Legitimate requests get lost, and these attacks may be accompanied by malware exploitation.

Bandwidth attacks: This DDoS attack overloads the target with massive amounts of junk data. This results in a loss of network bandwidth and equipment resources and can lead to a complete denial of service.

Having DDoS protection services prevents outages caused by multiple internet-based attacks, including those launched by hacktivist groups and attacks designed to consume the target company’s internet bandwidth. Protecting your business from internet-based DDoS attacks is particularly important if your company leverages hosted applications (like email or business applications) or if online access is a critical component of your daily operations.